ByteOS Network

NVD Vulnerability Details :

CVE-2017-10424

Deferred

Source-secalert_us@oracle.com

Published At-19 Oct, 2017 | 17:29

Updated At-20 Apr, 2025 | 01:37

Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Web). Supported versions that are affected are 3.2.8.2223 and earlier, 3.3.4.3247 and earlier and 3.4.2.4181 and earlier. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Enterprise Monitor. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.0	8.8	HIGH	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary	2.0	6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P

Hyperlink	Source	Resource
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html	secalert_us@oracle.com	Patch Vendor Advisory
http://www.securityfocus.com/bid/101381	secalert_us@oracle.com	N/A
http://www.securitytracker.com/id/1039597	secalert_us@oracle.com	N/A
https://security.netapp.com/advisory/ntap-20171019-0002/	secalert_us@oracle.com	N/A
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html	af854a3a-2127-422b-91ae-364da2661108	Patch Vendor Advisory
http://www.securityfocus.com/bid/101381	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.securitytracker.com/id/1039597	af854a3a-2127-422b-91ae-364da2661108	N/A
https://security.netapp.com/advisory/ntap-20171019-0002/	af854a3a-2127-422b-91ae-364da2661108	N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History